IBM Online Threat Report: Trust No One

The X-Force 2009 Mid-Year Trend and Risk Report, issued Wednesday, said that security threats to Web surfers are no longer limited to "malicious domains or untrusted Web sites" and now include dangerous content on legitimate Internet sites. The result is "an unprecedented state of Web insecurity as Web client, server and content threats converge to create an untenable risk landscape," according to the report.

"The trends highlighted by the report seem to indicate that the Internet has finally taken on the characteristics of the Wild West, where no one is to be trusted," said X-Force director Kris Lamb, in a statement about the report. "There is no such thing as safe browsing today and it is no longer the case that only the red light district sites are responsible for malware. We've reached a tipping point where every Web site should be viewed as suspicious and every user is at risk."

The study said there has been a 508 percent increase in the number of new malicious Web links discovered in the first half of the year compared to the same period in 2008. But, more ominously, the report said there has been an increase in malicious content on trusted sites, including popular search engines, blogs, bulletin boards, personal Web sites, online magazines and mainstream news sites.

There has been "a significant rise in Web application attacks with the intent to steal and manipulate data and take command and control of infected computers," the report said. A common method is SQL injection attacks where criminals inject malicious code into legitimate Web sites that infect visitors to those sites. The report said the number of SQL injection attacks rose 50 percent from the fourth quarter of 2008 to this year's first quarter, and then nearly doubled again from the first quarter to the second.

Sponsored post

The level of veiled Web exploits, particularly in PDF files, "are at an all-time high," the report said, indicating the increased sophistication of attackers. The number of PDF vulnerabilities in the first half of this year surpassed the total for all of 2008, the report said.

Trojans accounted for 55 percent of all new malware, a nine percent increase from the first half of 2008. Information-stealing Trojans are the most prevalent malware category, the report said.

The report did have some good news, however. Phishing incidents have "decreased dramatically," probably because banking Trojans are becoming the preferred means of launching attacks toward financial targets. In the first half of the year 66 percent of all phishing was targeted at the financial industry, down from 90 percent last year.

The report also concluded that the number of software vulnerabilities might have reached a plateau, an indication that software vendors are improving their development quality control. There were 3,240 new vulnerabilities discovered in the first half of 2009, the report said, down 8 percent from the first half of 2008. But nearly half (49 percent) of all discovered vulnerabilities had no vendor-supplied patch by the end of the period, according to the report.